IoT - The Next level of Terrorism

-
When someone mentions the term IoT (Internet of Things), our faces light up like that of a kid who’s been given a new toy to play with. We’re asking questions like how IoT is revolutionizing the world and how it’s making our day to day lives better when the real question we should be asking is, are our existing IoT framework and compliance standards completely addressing our security needs from something more dangerous than anything we’ve seen before - Cyber Terrorism?

Simply put, hacking into the location data on a car is merely an invasion of privacy aka data theft, whereas hacking into the control system of a car would be a threat to life and is considered cyber terrorism.

Let’s look into a few examples of how radicals are using such a promising technology to cause chaos and destruction. Here’s a few ‘what-ifs' with things that are automatically controlled over the internet:


Scenario-1: What would happen if all the fans supporting the ventilation system for underground subway or long tunnels connecting cities stopped working?
Scenario-2: What would happen if a vehicle loses its control or malfunctions? What if this happened to all vehicles across the city simultaneously?
Scenario-3: What would happen if synchronized traffic lights are not working as they should?
Scenario-4: What would happen if all the transformer blow out at the same time?
Scenario-5: What would happen if the cooling fans at data centers fail?
Scenario-6: What would happen if a hospital’s medical device’s real-time diagnosis results are manipulated?
Scenario-7: What would happen if the home security alarm in every home in a city starts sending distress signals at the same time?

What would happen if all the above scenarios take place at the same time in a city like Manhattan?
  • Huge defeat to the human race
  • Economic loss – A loss that would make it near impossible to come out of
  • Chaos, panic, riots, and what not?

Pretty scary, isn’t it?

Basically, anything that is connected to the internet can be hacked with the right tools and skills and IoT is no exception to that. A security firm ESET recently found a malware named “KTN-Remastered”  that would target routers and other embedded devices like IoT. 

According to Intel Security, IoT devices are just beginning to be exploited. It is only a matter of time until IoT device threats become more widespread. Attackers are not after the devices themselves, but the data or gateway capability that they enable because it is the easiest way in, and these devices often provide under-defended access to target-rich networks. (http://www.zdnet.com/article/iot-malware-and-ransomware-attacks-on-the-incline-intel-security/)


According to Gartner, by 2020, more than half the major new business processes and systems will incorporate some element of IoT leading to 20 billion IoT devices connected over the internet. Gartner expects black market exceeding $5 billion worth of IoT devices with fake censors for enabling criminal activity. 

IoT can be classified into two categories, sensors, and controllers. Sensors and controllers are connected over the internet to collect the data, analyze and regulate the process that they support.

Radicals can get access to these sensors and controllers by using the internet as an access medium and can become the controllers of these controllers – master controllers.  These master controllers can combine several technologies like high-speed internet, augmented reality, artificial intelligence, wearable technology, cloud computing, etc., together and get complete access to the device that they’ve hacked into.  For radicals, IoT based attack is the easiest and cost-effective way of declaring war against any country they want. Simply put, IoT is both a luxurious blessing and a dangerous weapon.

I strongly feel that it is important for governments, policymakers, and technology leaders to connect together and start working on security measures in preventing IoT terrorism. They will also have to come up with a proper contingency plan for every possible attack that could happen and should be ready to face it “if it happens”. But how?
  1. Implement security standards at the manufacturing level
  2. Strict guidance’s to IoT manufacturers and enables the approval process for every IoT device that is conceptualized
  3. Draft a IoT security and implementation framework
  4. Draft Compliance standards
  5. Both IoT service provider and consumer must have a security policy and vulnerability policy implemented with security patches released frequently to address concerns
  6. Identify innovative and more secure ways to exchange encryption keys
  7. New security protocols should be rolled out to manage IoT devices
  8. Every IoT cloud must be SAS70 certified
  9. Governments should implement new pattern analytical engines to understand and alert if there is a change in IoT data delivery patterns.
Currently there are initiatives like Builditsecure.ly or OWASP Internet of Things project that could actually help to build a more robust and secure platform for connected-device with very minimal to no serious security issues.

I want to conclude this article with a piece of text I came across:
If we’re not careful, the Internet of Things could also turn out to be one of the most dangerous weapons around. Subverted by malicious intent, the Internet of Things could just as easily turn our lives into a horror movie, one in which the everyday objects we depend on have suddenly developed a new urge—the urge to destroy.



Comments

  1. prajwalMarch 3, 2019 at 11:09 PM

    Great Information. Thank You Author, for sharing your valuable information about iot with us. People who are reading this blog can continue your knowledge which you gained with us and know how to apply this practically along with our IoT Training

    ReplyDelete
  2. Jagna Co KalaniMay 26, 2019 at 10:14 PM

    Great Article
    Internet of Things Final Year Project
    Final Year Project Centers in Chennai

    ReplyDelete

Post a Comment

Popular Posts

Internet of Things (IoT) – Next Revolution?

-
Image
If you were to ask me what the invention of the century was, without blinking an eye I’d tell you it was the Internet. It is the most significant and influential foundation for mankind in my opinion. The Internet has completely revolutionized the world and brought people closer to each other than ever before. The introduction of powerful mobile devices combined with the influence of the Internet has not only changed the way we do business, but also the way we conduct our everyday lives. Just imagine services the population at large use and what we currently offer our customers. Think if that would be possible if not for the Internet? Difficult to imagine, isn't it!   In my opinion, the Internet of Things (IoT) is going to be a major driving force in Enterprise IT since the advent of the Internet. Transformation is happening as I write this article and devices are shifting from isolated systems to ubiquitous IoT enabled systems. What is IoT? Think of I
Read more

Technology Innovation in Banking Industry

-
Image
The digital technology revolution has changed the way we pretty much do anything these days. Consumers are being provided with new avenues to interact in real time with the providers and banking industry is no exception to that. Every day, we’re seeing new market entrants around the globe and for a financial institution, either small or large it, is critical to invest in innovation labs and make use of emerging/disruptive technologies to stay ahead of the competition. To put things in perspective, in the financial sector alone, investments in technology have grown exponentially in the past decade – rising from $1.8 billion in 2010 to $19 billion in 2015 – with 73% of these investments focusing on the personal and small business segments. (Source:  Whitepaper ) You’re probably wondering why this exponential increase in investments? Why invest billions of dollars in Technology Innovation? This is a simple cause and effect, the effect being  “ Increased Profit Margins ” . But, h
Read more